| Subject | Re: [ib-support] Where I find a really good security specific IB/FB group? |
|---|---|
| Author | Scott Taylor |
| Post date | 2002-07-15T15:50Z |
At 10:54 PM 14/07/2002, you wrote:
source code readily available. That might work fine for proprietary
software, then again, even that will only take time to dehash it. As far
as I'm concerned, a hash that is not machine specific is still plain text,
and I have yet to register any machines on my networks with any FB or IB
server.
>On 12 Jul 2002 at 9:38, Scott Taylor wrote:That is not a secure way to handle passwords over a public network with the
>
> >The worse security issues, that I can see, is plain text passwords
> >that get sent over the net to port 3050, and that Firebird runs as
>
> BTW plain text passwords aren't sent over the net. Password is
>hashed on the client side by DES64 and is going through the net
>hashed. On the server side arrived hash is hashed again and then
>compared with the stored value.
source code readily available. That might work fine for proprietary
software, then again, even that will only take time to dehash it. As far
as I'm concerned, a hash that is not machine specific is still plain text,
and I have yet to register any machines on my networks with any FB or IB
server.